In our continuing series about using forms on your website, here’s an issue that comes up rather frequently. You put up your new form (Contact Us or something else) and now you’re getting weird comments, requests, etc. through it. It takes time to wade through the muck to get to what you’re really looking for — people who are interested in your product or service. Let’s look at some ways to protect your site from junk submissions.
Protect Your Site from SPAM
Depending on my client’s wishes, I use a bunch of different forms. Some I hate (you know who you are!) and there are others that make me want to kiss them. WPForms is in my lovey-dovey category. Why? One reason is that it is quick and easy to use and setup. As a website developer, there are enough things to tweak so having something that actually does what you tell it to do is so gratifying.
Let’s add that SPAM to our list of four-letter words not to use in polite company. Everyone, except for the spammers, hate spam. It clutters up your inbox, often contains ransomware or viruses (just because we don’t have enough to contend with in our lives) and is a gigantic nuisance. WPForms makes defending your website against SPAM easy. How do they do it? They provide you with ReCaptcha, CAPTCHA and Honeypot options.
In case you’re not familiar, ReCAPTCHA is the way to verify that a person (and not a SPAM-bot) is submitting information into your form. It’s also a way to help your visitors to feel secure, knowing that information is being protected. ReCAPTCHA comes in three flavors:
- You have to type a code to tell the site that you are human;
- You have to put a check in the checkbox that asks if you’re human; or
- Invisible ReCAPTCHA is a scoring system that Google uses to determine if your visitor is a human or a bot.
While you can use any of these methods, WPForms (and most people) prefer the second option since it’s quick and uncomplicated. You will need to setup your ReCAPTCHA account with Google, but it’s not an ordeal to do so.
Another cool feature that is available through WPForms Pro is the ability to create your own questions to deter the bots. They have an add-on that allows you to use Math Captcha or Q&A Captcha. You can create a list of questions that will appear randomly when someone is trying to submit a form through your site.
While this is another option to keep the bots at bay, it may also frustrate some users who will then decline to fill out your forms. You may want to test this kind of CAPTCHA to see how your audience interacts with it.
The Honeypot vs. SPAM-bots
This is the solution for people who don’t want to setup a ReCAPTCHA account with Google. The Honeypot is an invisible solution to spam-bots. Just like the Venus Flytrap, your form has a deadly trap of it’s own. When you use the Honeypot as your protection, an invisible field is added to your form. We can’t see it, but bots can. When they fill in that form – WHAM! they’re stuck in the Honeypot and can’t submit the form. This is the default setting on all of your forms, so you can use your normal forms until you’re ready for ReCAPTCHA, the next level of security.
- Pick a form for functionality. You can find many plugins to create attractive forms, but ask yourself if it adds to your overall website security.
- Consider the plug-in “footprint.” Do you need to get additional plug-ins to add the honeypot or ReCAPTCHA features? If so, you may want to reconsider. The more plug-ins your site has, the easier it is for hackers to break into it, so try to choose ones that will give you the most bang for your buck.
- Do your homework. There are many plug-ins that can capture information for you, so do your homework. Many plugins offer free trials or even scaled down versions of their software so that you can evaluate them for yourself.
If you have any questions or would like help updating your website to be more efficient, please let us know. We’re happy to help.